by brbz 3290 days ago
How could you generate passwords that satisfy arbitrary password constraints? Say example.com has a 20 character limit, must contain a capital letter and symbol (but not certain symbols), and can't contain a dictionary word. It seems to me like your generator would have to have an option for each constraint to satisfy, and you'd have to remember them at the time of retrieval (unless you store the settings).

Is there a different solution?

3 comments

I solved it in WebPass[0] by encoding the constraints for special (i.e., not generic) sites into rules associated with a unique ID, then only valid passwords are considered.

https://webpass.rkeene.org/
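A sketch of the approach described in the comment above, added here as an illustration and not taken from WebPass or any other tool in this thread: per-site rules live in a non-secret table keyed by a rule ID, and candidates derived from the master secret are skipped until one satisfies the rule. The table layout, rule IDs, forbidden-word list and function names are all assumptions.

```python
import hashlib
import hmac
import string

# Hypothetical rule table, stored with the tool (not secret). Sites without an
# entry use DEFAULT; "id" is a version label mixed into the derivation.
DEFAULT = {"id": "generic-v1", "length": 16, "symbols": "!#$%&*+-=?@^_", "forbid": ()}
RULES = {
    # Constructed entry matching the question: 20 chars, restricted symbols.
    "example.com": {"id": "example-v1", "length": 20, "symbols": "#$-_",
                    "forbid": ("password", "admin")},
}

def alphabet_for(rule):
    return string.ascii_letters + string.digits + rule["symbols"]

def is_valid(pw, rule):
    """Check a candidate against the site's constraints."""
    return (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(c in rule["symbols"] for c in pw)
            and not any(w in pw.lower() for w in rule["forbid"]))

def _byte_stream(key, label):
    """Endless deterministic bytes: HMAC-SHA256 over a running counter."""
    counter = 0
    while True:
        msg = label + counter.to_bytes(4, "big")
        yield from hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1

def derive(master, site):
    """Return the first candidate for `site` that satisfies its rule."""
    rule = RULES.get(site, DEFAULT)
    alphabet = alphabet_for(rule)
    # Slow KDF so the master secret is costly to brute-force from one password.
    key = hashlib.pbkdf2_hmac("sha256", master.encode(), site.encode(), 200_000)
    stream = _byte_stream(key, rule["id"].encode())
    limit = 256 - 256 % len(alphabet)  # reject bytes that would bias the modulo
    while True:
        chars = []
        while len(chars) < rule["length"]:
            b = next(stream)
            if b < limit:
                chars.append(alphabet[b % len(alphabet)])
        candidate = "".join(chars)
        if is_valid(candidate, rule):  # invalid candidates are skipped
            return candidate
```

Retrieval needs only the master secret, the site name and the shared rule table; when a site changes its policy, its entry gets a new `id`, which yields a new password.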

I don't think that's such a big problem for most users. The vast majority of websites impose only a few easily satisfiable constraints, at most: small and capital letters, numbers, symbols. This covers 99% of websites, and the default generator can cover this by default by generating something like bhAwG9$nj#.

For those corner cases you can have different password generators, for more complex constraints. But overall it's not a big hurdle.

I store the settings. It's either in the shell history or I just remember it. There are few services, notably online banking websites, that impose such requirements: ironically they are reducing the strength of my password scheme.

I use this tool to generate the passwords: http://hackage.haskell.org/package/scat